https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23914
--- Comment #13 from Victor Grousset/tuxayo <[email protected]> --- Indeed, if there is no trust on the Hea server, that's a way of sharing not being up to date on the system level. (when that's the case) Which one might not want by default. On the other hand, isn't sharing the full version of Koha already more of a potential security issue? It doesn't directly speak about the system. But can a link be rightly guessed for a number of cases? By monitoring if the Koha if evolving on a regular basis. I don't know how much of that makes sense.[1] If there another more reliable way to link the two things? And the version of Koha can directly tell if vulnerable to remote code execution on an app listening to internet. As opposed to the DBMS. [1] Hum, I don't think it does at least in my example. So that would be an additional valuable fingerprinting information. Is a solution to share only the major and minor version of DBMS and the name? Like - MariaDB 10.4 - MySQL 5.7 Then no issues to do it by default right? Hum, that can still be an issue when the version is not maintained anymore since a long time. Are these remaining cases relevant? Is Koha even updated at all on those systems? To have an idea of the time to have an unmaintained DBMS version: https://en.wikipedia.org/wiki/MariaDB#Versioning https://en.wikipedia.org/wiki/MySQL#Release_history Actually, that just mean having Debian 8 or Ubuntu 16.04 which unfortunately can still be the case with a regularly updated Koha. I know for sure 18.11 still work on those OSes. After, I'm not sure if Perl or DBMS version allow Koha > 18.11 to work. Argh, that a complex topic!!! >_< -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
